✨(feature) add config endpoint (#38)

Author: ChristopherSpelt

backend/app/clients/drive.py

@@ -11,7 +11,6 @@ def __init__(self, base_url: str, token: str) -> None:
             headers={"Authorization": f"Bearer {self.token}", "Content-Type": "application/json"}
         )
 
-
     def get_documents(
         self, path: str = "api/v1.0/items/", page: int = 1, title: str | None = None, favorite: bool = False
     ) -> list[Document]:
@@ -29,20 +28,18 @@ def get_documents(
         if len(results) < 1:
             return TypeAdapter(list[Document]).validate_python([])
 
-
-        workspace_id = results[0]['id']
+        workspace_id = results[0]["id"]
 
         item_url = f"{self.base_url}/api/v1.0/items/{workspace_id}/children/"
 
         response = self.client.request("GET", item_url)
         if response.status_code != 200:
             return TypeAdapter(list[Document]).validate_python([])
-        
+
         results = response.json().get("results", [])
 
         print(results)
 
-
         notes: list[Document] = TypeAdapter(list[Document]).validate_python(results)
 
-        return notes
+        return notes

backend/app/clients/meet.py

@@ -30,4 +30,4 @@ def get_meetings(
 
         notes: list[Meeting] = TypeAdapter(list[Meeting]).validate_python(results)
 
-        return notes
+        return notes

backend/app/clients/zaken.py

@@ -1,55 +1,168 @@
+import json
 import secrets
-from typing import Literal
+from typing import Annotated, Any, Literal
 
 from jose.constants import ALGORITHMS
+from pydantic import AnyUrl, BeforeValidator, HttpUrl, computed_field
 from pydantic_settings import BaseSettings, SettingsConfigDict
 
 
+def parse_cors_origins(v: Any) -> list[str] | str:  # noqa: ANN401
+    if isinstance(v, str):
+        if v == "*":
+            return "*"
+        if not v.startswith("["):
+            return [i.strip() for i in v.split(",") if i.strip()]
+    if isinstance(v, list):
+        for idx, item in enumerate(v):  # type: ignore[misc]
+            if not isinstance(item, str):
+                raise TypeError(f"CORS_ALLOW_ORIGINS list item at index {idx} must be string, got {type(item)}")  # type: ignore[arg-type]
+        return v  # type: ignore[return-value]
+    raise ValueError(f"CORS_ALLOW_ORIGINS must be string or list, got {type(v)}")
+
+
+def parse_sidebar_links(v: Any) -> list[dict[str, str]]:  # noqa: ANN401
+    if isinstance(v, str):
+        if not v.strip():
+            return []
+        try:
+            parsed: Any = json.loads(v)
+        except json.JSONDecodeError as e:
+            raise ValueError(f"Invalid JSON in SIDEBAR_LINKS_JSON: {e}")
+
+        if not isinstance(parsed, list):
+            raise ValueError("SIDEBAR_LINKS_JSON must be a JSON array")
+
+        for idx, link in enumerate(parsed):  # type: ignore[misc]
+            if not isinstance(link, dict):
+                raise ValueError(f"Link at index {idx} must be an object")
+            required = {"icon", "url", "title"}
+            if not required.issubset(link.keys()):  # type: ignore[arg-type]
+                raise ValueError(f"Link at index {idx} missing fields: {required - link.keys()}")
+
+            # Validate URL is valid http/https
+            try:
+                HttpUrl(link["url"])  # type: ignore[arg-type]
+            except Exception as e:
+                raise ValueError(f"Link at index {idx} has invalid URL: {e}")
+
+        return parsed  # type: ignore[return-value]
+
+    if isinstance(v, list):
+        return v  # type: ignore[return-value]
+
+    raise ValueError(f"SIDEBAR_LINKS_JSON must be string or list, got {type(v)}")
+
+
 class Settings(BaseSettings):
-    model_config = SettingsConfigDict(env_file=("dev.env", ".env", "prod.env"), extra="ignore")
+    model_config = SettingsConfigDict(
+        env_file=("dev.env", ".env", "prod.env"),
+        env_file_encoding="utf-8",
+        extra="ignore",
+        case_sensitive=True,
+    )
+
     API_V1_STR: str = "/api/v1"
     SECRET_KEY: str = secrets.token_urlsafe(32)
-
     DEBUG: bool = False
-
     ENVIRONMENT: Literal["dev", "prod"] = "prod"
 
+    # OpenID Connect
     OIDC_CLIENT_ID: str = "bureaublad-frontend"
     OIDC_CLIENT_SECRET: str | None = None
-    OIDC_AUTHORIZATION_ENDPOINT: str = (
-        "https://id.la-suite.apps.digilab.network/realms/lasuite/protocol/openid-connect/auth"
-    )
-    OIDC_TOKEN_ENDPOINT: str = "https://id.la-suite.apps.digilab.network/realms/lasuite/protocol/openid-connect/token"  # noqa: S105
-    OIDC_JWKS_ENDPOINT: str = "https://id.la-suite.apps.digilab.network/realms/lasuite/protocol/openid-connect/certs"
+    OIDC_AUTHORIZATION_ENDPOINT: str = ""
+    OIDC_TOKEN_ENDPOINT: str = ""
+    OIDC_JWKS_ENDPOINT: str = ""
+    OIDC_USERNAME_CLAIM: str = "preferred_username"
     OIDC_SCOPES: dict[str, str] = {"openid": "", "profile": "", "email": ""}
     OIDC_AUDIENCE: str = "account"
-    OIDC_ISSUER: str = "https://id.la-suite.apps.digilab.network/realms/lasuite"
+    OIDC_ISSUER: str = ""
     OIDC_SIGNATURE_ALGORITM: str | list[str] = [ALGORITHMS.RS256, ALGORITHMS.HS256]
 
-    OCS_URL: str = "https://files.la-suite.apps.digilab.network"
+    # La Suite Services
+    OCS_URL: str | None = None
     OCS_AUDIENCE: str = "files"
-    DOCS_URL: str = "https://docs.la-suite.apps.digilab.network"
+    DOCS_URL: str | None = None
     DOCS_AUDIENCE: str = "docs"
-    DRIVE_URL: str = "http://localhost:3001"
-    DRIVE_AUDIENCE: str = "drive"
-    MEET_URL: str = "http://localhost:8085"
-    MEET_AUDIENCE: str = "meet"
-    CALENDAR_URL: str = "https://files.la-suite.apps.digilab.network"
+    CALENDAR_URL: str | None = None
     CALENDAR_AUDIENCE: str = "files"
-    TASK_URL: str = "https://files.la-suite.apps.digilab.network"
+    TASK_URL: str | None = None
     TASK_AUDIENCE: str = "files"
-    AI_BASE_URL: str = "https://api.openai.com/v1/"
-    AI_MODEL: str = "gpt-4o"
+    DRIVE_URL: str | None = None
+    DRIVE_AUDIENCE: str = "drive"
+    MEET_URL: str | None = None
+    MEET_AUDIENCE: str = "meet"
+
+    # AI Integration
+    AI_BASE_URL: str | None = "https://api.openai.com/v1/"
+    AI_MODEL: str | None = "gpt-4o"
     AI_API_KEY: str | None = None
-    ZAKEN_URL: str = "https://open-zaak.commonground.apps.digilab.network"
-    ZAKEN_AUDIENCE: str = "openzaak"
-    OPENZAAK_CLIENT_ID: str = ""
-    OPENZAAK_SECRET: str = ""
 
-    CORS_ALLOW_ORIGINS: str | list[str] = "*"
+    # Grist
+    GRIST_BASE_URL: str | None = None
+
+    THEME_CSS_URL: str = ""
+
+    SIDEBAR_LINKS_JSON: Annotated[list[dict[str, str]], BeforeValidator(parse_sidebar_links)] = []
+
+    CORS_ALLOW_ORIGINS: Annotated[list[AnyUrl] | str, BeforeValidator(parse_cors_origins)] = []
     CORS_ALLOW_CREDENTIALS: bool = False
     CORS_ALLOW_METHODS: list[str] = ["*"]
     CORS_ALLOW_HEADERS: list[str] = ["*"]
 
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def ocs_enabled(self) -> bool:
+        return self.OCS_URL is not None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def docs_enabled(self) -> bool:
+        return self.DOCS_URL is not None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def calendar_enabled(self) -> bool:
+        return self.CALENDAR_URL is not None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def task_enabled(self) -> bool:
+        return self.TASK_URL is not None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def drive_enabled(self) -> bool:
+        return self.DRIVE_URL is not None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def meet_enabled(self) -> bool:
+        return self.MEET_URL is not None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def ai_enabled(self) -> bool:
+        return self.AI_BASE_URL is not None and self.AI_MODEL is not None and self.AI_API_KEY is not None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def grist_enabled(self) -> bool:
+        return self.GRIST_BASE_URL is not None
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def oidc_discovery_endpoint(self) -> str:
+        if self.OIDC_ISSUER:
+            return f"{self.OIDC_ISSUER.rstrip('/')}/.well-known/openid-configuration"
+        return ""
+
+    @computed_field  # type: ignore[prop-decorator]
+    @property
+    def all_cors_origins(self) -> list[str]:
+        if isinstance(self.CORS_ALLOW_ORIGINS, str):
+            return [self.CORS_ALLOW_ORIGINS]
+        return [str(origin).rstrip("/") for origin in self.CORS_ALLOW_ORIGINS]
+
 
 settings = Settings()  # type: ignore[reportCallIssue]

backend/app/config.py

@@ -30,7 +30,7 @@
 
 app.add_middleware(
     CORSMiddleware,
-    allow_origins=settings.CORS_ALLOW_ORIGINS,
+    allow_origins=settings.all_cors_origins,
     allow_credentials=settings.CORS_ALLOW_CREDENTIALS,
     allow_methods=settings.CORS_ALLOW_METHODS,
     allow_headers=settings.CORS_ALLOW_HEADERS,

backend/app/main.py

@@ -3,8 +3,10 @@
 from .activity import Activity  # noqa: F401
 from .ai import ChatCompletionRequest  # noqa: F401
 from .calendar import Calendar  # noqa: F401
+from .config import Component  # noqa: F401
+from .document import Document  # noqa: F401
+from .meeting import Meeting  # noqa: F401
 from .note import Note  # noqa: F401
 from .search import FileSearchResult, SearchResults  # noqa: F401
 from .task import Task  # noqa: F401
 from .user import User  # noqa: F401
-from .zaak import Zaak  # noqa: F401

backend/app/models/__init__.py

@@ -0,0 +1,40 @@
+from pydantic import BaseModel
+
+
+class Component(BaseModel):
+    name: str
+    enabled: bool
+
+
+class Service(BaseModel):
+    name: str
+    enabled: bool
+
+
+class SidebarLink(BaseModel):
+    icon: str
+    url: str
+    title: str
+
+
+class OIDCConfig(BaseModel):
+    discovery_endpoint: str
+    username_claim: str
+
+
+class ApplicationsConfig(BaseModel):
+    ai: bool = False
+    docs: bool = False
+    drive: bool = False
+    calendar: bool = False
+    task: bool = False
+    meet: bool = False
+    ocs: bool = False
+    grist: bool = False
+
+
+class ConfigResponse(BaseModel):
+    sidebar_links: list[SidebarLink]
+    theme_css: str
+    applications: ApplicationsConfig
+    oidc: OIDCConfig

backend/app/models/config.py

@@ -2,4 +2,4 @@
 
 
 class Meeting(BaseModel):
-    title: str
+    title: str

backend/app/models/meeting.py

@@ -1,6 +1,6 @@
 import logging
 
-from fastapi import APIRouter, Request
+from fastapi import APIRouter, HTTPException, Request
 from openai import OpenAI
 
 from app.config import settings
@@ -13,8 +13,9 @@
 
 @router.post("/chat/completions")
 async def ai_post_chat_completions(request: Request, chat_request: ChatCompletionRequest) -> str:
-    if settings.AI_API_KEY is None:
-        return "AI niet beschikbaar"
+    # Redundant checks needed to satisfy the type system.
+    if not settings.ai_enabled or not settings.AI_MODEL:
+        raise HTTPException(status_code=503, detail="AI service is not configured")
 
     client = OpenAI(base_url=settings.AI_BASE_URL, api_key=settings.AI_API_KEY)